VLANs, Port Isolation Groups, and Port Mirroring


I've been studying up on the above subjects and am trying to decide the best way to accomplish my goal. I thought I would just spell out what I want to do and let you experts recommend what approach you would take.

What I've got: 14 each 2524 switches at F.05.17 connected via fiber to a 5308 switch at E.07.40 (don't wanna update the 53xx firmware until the web access is fixed).

What I wanna do: Sit at my desk and use the Ethereal sniffer to trap traffic from any port on any switch in the system.

Port mirroring works just great, but only if the traffic I want to see is on the same 2524 I am. I need to trap traffic on other 2524 switches.

What I'm considering trying is to create a single VLAN incorporating port 24 on every 2524, then mirroring the traffic I want to capture to port 24 and pick it up on port 24 of the 2524 I'm physically closest to.

Will this work? It seems a bit complex, since the 2524's are not connected to each other, but to the 5308.

Is there a better, simpler way?
Carsten M
Regular Advisor

it doesn't work wit vlans (your seen broadcasttraffic, that's all)
One way is a lan-probe on every interest switchport (? if exist, freeware software lan-probe).
a separate switch, connected to every work-switch and than mirroring the ports from the work-switches to the separate switch